As the IT of the REWE Group Austria, we work together with our more than 600 employees to develop innovative IT products and services for all our corporate divisions in Austria and abroad, setting the tone for modern trade.

As part of our Security Operation Center, you will be responsible for the continuous improvement and development of the toolset and platform we use to monitor and manage events, detect and manage vulnerabilities, and support incident response and forensic use cases. Together with your team, you'll plan and implement security use cases and automation, and develop operational procedures. You'll be responsible for building, operating and maintaining our SOC tool stack and for collaborating with the relevant peers throughout the company.

Job Description

- Implement, develop, maintain and operate our cyber defense platform in line with our requirements
- Develop new use cases together with our security analysts to further improve our capabilities
- Plan rollouts of new tooling, including stakeholder requirements, and perform the necessary quality checks to ensure a smooth implementation
- Support active innovation of our tooling and provide risk-benefit analysis to the SOC leadership team
- Expand the reach of our existing tooling by onboarding new data sources and systems
- Work in close partnership with our infrastructure teams, the information security officer and colleagues from the REWE Digital SOC
- Adapt services based on self-driven recommendations and user requirements
- Ensure compliance of our toolset in the scope of various audits
- Contribute proactive ideas to team matters and decisions
- Support an open feedback culture and a forward-looking error culture (learning organization)
- Identify potential security risks as part of your work and forward them to the necessary authorities
- Help review and update cybersecurity policies and standards

Qualifications

- At least 3-5 years of relevant professional experience in a security operation center
- Successfully completed studies (computer science, information security, IT security, cybersecurity) or comparable training
- Experience in solving problems and conflicts in complex corporate structures
- Knowledge of frameworks and standards in the SOC environment such as NIST, ISO, MITRE or similar standards
- Industry certifications (CISSP/CISN, SANS GIAC, C.E.H. etc.) are considered a plus
- Sound experience in using SIEM solutions, XDR, EDR, NDR and PAM
- Technical knowledge of the products Splunk, SentinelOne, Proofpoint and CyberArk is an advantage
- Technical expertise in network security, including VPN, firewall, web server security and cloud
- Specific OT and IoT knowledge is considered a plus
- Knowledge of at least one scripting language (e.g. Perl, Python and PowerShell)
- A precise, responsible mindset and reliability are among your strengths
- Ability to learn and adapt to new technologies quickly
- Very good presentation and moderation skills
- Entrepreneurial mindset and strong analytical and conceptual skills
- Highly proficient in spoken and written English
- Willingness to learn the local language

Additional Information

- Long-term, interesting and varied work for a reliable employer in a supportive team
- A family-friendly company culture with flexible working hours and remote working options available
- Staff shopping and travel discounts
- Numerous training and further development opportunities within the Group (5% of working time for self-organized training and education)
- On-site parking
- A market-compliant, attractive and performance-related annual gross salary from EUR 45,100, with the willingness to overpay for appropriate experience and qualifications

No matter where you are in your career, we have a path for you, whether you're looking for your first job, advancement in your field, or a new career shift. We're proud to employ great people who are passionate about their jobs. But they're all different. No matter who you are, what you need and where you're going, REWE Group can be a part of it. Apply now!